WASHINGTON, D.C. – Today, two years after the massive Equifax data breach, the credit monitoring agency has agreed to a settlement of up to $700 million. The agreement includes at least $400 million in consumer relief, $175 million to states, and $100 million to the Consumer Financial Protection Bureau in civil penalties.

CRL Director of State Policy and Executive Vice President Diane Standaert released the following statement:

The consequences of this data breach will be lasting, and it only underscores the need for rigorous oversight and reform over credit monitoring agencies. Consumers don’t have a say on whether or not they want companies like Equifax to have access to their sensitive financial information, including addresses, social security numbers, and credit profiles.

This settlement alone will not restore trust between consumers and credit monitoring agencies, or resolve the myriad of concerns about how the handling of consumers’ data has lasting impacts on their day-to-day lives. Greater protections are needed if we want to prevent people’s private information from appearing on the dark web or sold to identity thieves. As such, we must continue working towards expanding protections in this area and other areas of the financial system where similar risks exist.

We thank the federal agencies, states, and consumers who took an active role in getting relief for those who were harmed by Equifax’s security flaws. We especially recognize the important work of Attorneys General in 48 states, the District of Columbia, and Puerto Rico to seek redress, along with federal agencies, for the 147 million people effected by the largest-ever consumer data breach.

For more information, or to arrange an interview with a CRL spokesperson on this issue, please contact Ricardo Quinto at ricardo.quinto@responsiblelending.org.

Related Content